Re: Network "Change Management"

• Previous message: Jorge Reyes: "RE: Network "Change Management""
• In reply to: Zow: "Re: Network "Change Management""
• Next in thread: Jorge Reyes: "RE: Network "Change Management""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 19 Sep 2004 01:25:50 +0200
To: "\"Zow\" Terry Brugger" <zow@llnl.gov>

Zow Terry Brugger wrote:

>Dave,
>
>
>
>>Does anyone know of a Linux utility that can watch the MAC address
>>tables in Cisco switches and alert admins as to when a new device has
>>been plugged in?
>>
>>
>
>I don't work with Cisco switches too much, however you may be able to
>configure it to send an snmp alert to your Linux box when a new device is
>plugged in. You'd then use snmp-util (or whatever it's called these days) to
>handle the message on the Linux side.
>
>
>
I don't think this is possible.

>Alternatively you can set up arpwatch on your Linux box and periodically ping
>your whole range of IPs. Arpwatch will alert you when it sees new or changed
>MAC addresses for those IPs.
>
>
>
Well, this would only work for IP addresses that are within your subnet,
otherwise you'll only get the MAC address of your gateway back.

The easiest thing to do is to poll your router with SNMP, I believe
current arpwatch distributions can do that too, so you would have
both at once.

It all depends on why you want to do this Dave. Since you're mailing to a
security mailing list, I will assume you would like to keep track of what's
going on on your network. Are you familiar with 802.1x layer 2
authentication?

This can be set up so users will actually have to log in for layer 2 access,
and when they're authenticated, you could for example get a RADIUS
accounting message that will give you, among other things, the user's
MAC address and his login name.

Regards,
Fred Leeflang

• Previous message: Jorge Reyes: "RE: Network "Change Management""
• In reply to: Zow: "Re: Network "Change Management""
• Next in thread: Jorge Reyes: "RE: Network "Change Management""
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: Network "Change Management" ... I don't work with Cisco switches too much, however you may be able to ... configure it to send an snmp alert to your Linux box when a new device is ... MAC addresses for those IPs. ... Set up the dhcp server to only allocate IPs to certain MAC addresses. ... (Focus-Linux) Re: Big Mac Hoax 2: "OS X is Unix" ... *certainly* wouldn't consider replacing my Linux box with a Mac. ... Sure, it is different, but there is value in *not* having Foo, FOO, ... Manually editing config files becomes a chore rather than a preferred ... (comp.sys.mac.advocacy) Re: advice for a mac laptop, please ... generally speaking the Mac just works out of the box. ... i need Linux for my Phd. ... Mac way of doing what you did on a Windows PC. ... operating systems, you may need a generous amount of disk space, ... (comp.sys.mac.misc) Re: 10.4.10: system components to safely delete? ... Mac first, Mac only: ... Are you worried about disk space or RAM? ... Still, the functionality of the OS was amazing, as everything responded so quickly, and it was all about stability and functionality. ... Whenever I'd ask about the relative merits of running Linux on a Mac, everyone would respond to me that I really shouldn't go there unless I enjoy programming. ... (comp.sys.mac.system) Re: OT - I ran.... ... the `Linux community' decided that because it included ... (Mandriva Free is a 'pure' distro which can easily have non-FOSS stuff ... have such things as "MP3" support and proprietary hardware support built ... I consider Mac OS X to be an excellent example of what a good Unix-type ... (uk.people.support.depression)